ansible-keycloak/roles/keycloak_quarkus/templates/keycloak.conf.j2

# {{ ansible_managed }}

# Database
# Database vendor [dev-file, dev-mem, mariadb, mssql, mysql, oracle, postgres]
#db=postgres
# The username of the database user.
#db-username=keycloak
# The password of the database user.
#db-password=password
# The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor.
#db-url=jdbc:postgresql://localhost/keycloak

# Observability
# If the server should expose metrics and healthcheck endpoints.
#metrics-enabled=true

# HTTP
http-enabled=true
http-port=8080
https-port=8443
# The file path to a server certificate or certificate chain in PEM format.
#https-certificate-file=${kc.home.dir}conf/server.crt.pem
# The file path to a private key in PEM format.
#https-certificate-key-file=${kc.home.dir}conf/server.key.pem
# The proxy address forwarding mode if the server is behind a reverse proxy.
#proxy=reencrypt
# Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy
#spi-sticky-session-encoder-infinispan-should-attach-route=false

# Hostname for the Keycloak server.
hostname={{ keycloak_quarkus_host }}
hostname-path={{ keycloak_quarkus_http_relative_path }}

# Cluster
#cache=ispn
#Defines the cache mechanism for high-availability. [local, ispn]
#cache-config-file=conf/cache-ispn.xml
#Defines the file from which cache configuration should be loaded from.
#cache-stack=tcp
#Define the default stack to use for cluster communication and node discovery. [tcp, udp, kubernetes, ec2, azure, google]

# Proxy
# The proxy address forwarding mode if the server is behind a reverse proxy. [edge, reencrypt, passthrough]
#proxy=

# Logging
# The format of log entries.
#log-format=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n
# The log level of the root category or a comma-separated list of individual categories and their levels.
#log-level=info
add role keycloak_quarkus 2022-04-07 12:07:08 +00:00			`# {{ ansible_managed }}`

			`# Database`
			`# Database vendor [dev-file, dev-mem, mariadb, mssql, mysql, oracle, postgres]`
			`#db=postgres`
			`# The username of the database user.`
			`#db-username=keycloak`
			`# The password of the database user.`
			`#db-password=password`
			`# The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor.`
			`#db-url=jdbc:postgresql://localhost/keycloak`

			`# Observability`
			`# If the server should expose metrics and healthcheck endpoints.`
			`#metrics-enabled=true`

			`# HTTP`
			`http-enabled=true`
			`http-port=8080`
			`https-port=8443`
			`# The file path to a server certificate or certificate chain in PEM format.`
			`#https-certificate-file=${kc.home.dir}conf/server.crt.pem`
			`# The file path to a private key in PEM format.`
			`#https-certificate-key-file=${kc.home.dir}conf/server.key.pem`
			`# The proxy address forwarding mode if the server is behind a reverse proxy.`
			`#proxy=reencrypt`
			`# Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy`
			`#spi-sticky-session-encoder-infinispan-should-attach-route=false`

			`# Hostname for the Keycloak server.`
			`hostname={{ keycloak_quarkus_host }}`
			`hostname-path={{ keycloak_quarkus_http_relative_path }}`

			`# Cluster`
			`#cache=ispn`
			`#Defines the cache mechanism for high-availability. [local, ispn]`
			`#cache-config-file=conf/cache-ispn.xml`
			`#Defines the file from which cache configuration should be loaded from.`
			`#cache-stack=tcp`
			`#Define the default stack to use for cluster communication and node discovery. [tcp, udp, kubernetes, ec2, azure, google]`

			`# Proxy`
			`# The proxy address forwarding mode if the server is behind a reverse proxy. [edge, reencrypt, passthrough]`
			`#proxy=`

			`# Logging`
			`# The format of log entries.`
			`#log-format=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n`
			`# The log level of the root category or a comma-separated list of individual categories and their levels.`
			`#log-level=info`